New research by Lookout has revealed that there is a lack of awareness towards the NCSC Cyber Essentials framework. The endpoint-to-cloud security provider found only 28% of organisations had fully implemented Cyber Essentials, with over a third (40%) of security professionals claiming they were unfamiliar with the scheme. Of those that had not implemented the scheme, over half (58%) said a lack of awareness or understanding as the reason why their organisation had not done so.
Having evaluated the opinions of 246 security professionals towards the NCSC Cyber Essentials framework at Infosecurity Europe 2023 (20 – 22 June), it is clear more works needs to be done to raise awareness for the UK government backed programme that aims to help UK organisations improve their cyber resiliency against the most common cyberattacks. There are two levels of certification provided by Cyber Essentials, a basic level and ‘plus’, which organisations can achieve when showing commitment to cyber security. Achieving the basic Cyber Essential certificate indicates the organisation knows how to prevent the vast majority of common cyberattacks. With Cyber Essentials Plus, there is an added hands-on technical verification and vulnerability scanning that is conducted on the systems used by the organisation.
Of those that answered they were Cyber Essential certified, 58% stated they had the standard level while 42% had completed Cyber Essential Plus. The top three benefits experienced from being certified were: an improvement in cybersecurity measures (60%), an increase in customer trust and confidence (54%), and compliance with regulatory requirements (48%).